1# FLASK 2 3# 4# Define the security object classes 5# 6 7# Classes marked as userspace are classes 8# for userspace object managers 9 10class security 11class process 12class system 13class capability 14 15# file-related classes 16class filesystem 17class file 18class dir 19class fd 20class lnk_file 21class chr_file 22class blk_file 23class sock_file 24class fifo_file 25 26# network-related classes 27class socket 28class tcp_socket 29class udp_socket 30class rawip_socket 31class node 32class netif 33class netlink_socket 34class packet_socket 35class key_socket 36class unix_stream_socket 37class unix_dgram_socket 38class bpf 39 40# sysv-ipc-related classes 41class sem 42class msg 43class msgq 44class shm 45class ipc 46 47# extended netlink sockets 48class netlink_route_socket 49class netlink_tcpdiag_socket 50class netlink_nflog_socket 51class netlink_xfrm_socket 52class netlink_selinux_socket 53class netlink_audit_socket 54class netlink_dnrt_socket 55 56# IPSec association 57class association 58 59# Updated Netlink class for KOBJECT_UEVENT family. 60class netlink_kobject_uevent_socket 61 62class appletalk_socket 63 64class packet 65 66# Kernel access key retention 67class key 68 69class dccp_socket 70 71class memprotect 72 73# network peer labels 74class peer 75 76# Capabilities >= 32 77class capability2 78 79# kernel services that need to override task security, e.g. cachefiles 80class kernel_service 81 82class tun_socket 83 84class binder 85 86# Updated netlink classes for more recent netlink protocols. 87class netlink_iscsi_socket 88class netlink_fib_lookup_socket 89class netlink_connector_socket 90class netlink_netfilter_socket 91class netlink_generic_socket 92class netlink_scsitransport_socket 93class netlink_rdma_socket 94class netlink_crypto_socket 95 96# Capability checks when on a non-init user namespace 97class cap_userns 98class cap2_userns 99 100# New socket classes introduced by extended_socket_class policy capability. 101# These two were previously mapped to rawip_socket. 102class sctp_socket 103class icmp_socket 104# These were previously mapped to socket. 105class ax25_socket 106class ipx_socket 107class netrom_socket 108class atmpvc_socket 109class x25_socket 110class rose_socket 111class decnet_socket 112class atmsvc_socket 113class rds_socket 114class irda_socket 115class pppox_socket 116class llc_socket 117class can_socket 118class tipc_socket 119class bluetooth_socket 120class iucv_socket 121class rxrpc_socket 122class isdn_socket 123class phonet_socket 124class ieee802154_socket 125class caif_socket 126class alg_socket 127class nfc_socket 128class vsock_socket 129class kcm_socket 130class qipcrtr_socket 131class smc_socket 132 133# Property service 134class property_service # userspace 135 136# Service manager 137class service_manager # userspace 138 139# hardware service manager # userspace 140class hwservice_manager 141 142# Keystore Key 143class keystore_key # userspace 144 145class drmservice # userspace 146# FLASK 147